Looking up dynamic values for rules

We have an application that only accepts 100 unique application IDs (like 2345, 876, etc) as a tag to a resource group.
We are supplying these values statically within the Sentinel policy.
While this is working fine, is there a way for Sentinel to do an API call, where it can lookup all the values from a website/table?
This way we wont have to statically define the values in the policy file.

Thank you!

Hi @JiJo333 ,

Yes. There is a standard Sentinel http import that can be used in Sentinel policies in both Terraform Cloud/Enterprise and Vault Enterprise.

Note that the http import can only send GET requests and can only process JSON responses.

You can see examples for TFC/E here. You can also read a Medium blog post about them.

You can see an example for Vault Enterprise here and read a Medium blog post about it. There is also a HashiCorp Learn guide with a second example.

Roger Berlind
Global Technology Specialist

1 Like

Thank you Roger for the quick response!